Board Level IT Governance Research Project · IT governance, otherwise referred to as “enterprise governance of IT” or “corporate governance of IT”, is a focus area of corporate

BOARD LEVELIT GOVERNANCERESEARCHPROJECT| Building Digital Leadership Capabilities for the Board

Publication of Antwerp Management School, November 2016

TOOLKIT: BUILDING DIGITAL LEADERSHIP CAPABILITIES FOR THE BOARD

Boards of directors are ultimately accountable for strategic decision-making and control in organi-zations. Financial and legal matters dominate the agendas of board meetings, which is often reflected in board composition. But what about IT-related matters? This is a prominent question in an era where IT is a crucial contributing factor to the com-petitiveness of many organizations. Indeed, more and more organizations are very dependent on IT for the creation of their business value. Digital disruption is all around us, and a vast number of organizations around the globe is actively thinking about digital transformation. Yet empirical evidence seems to indicate that boards of directors are not as involved in IT-related strategic decision-making and control as they should be.

In this context, this toolkit is written for boards who are seeking guidance on how to take up accountabil-ity for governing their digital assets in their organi-zations.

The creation of this toolkit is based on an exten-sive research program installed by the University of Antwerp - Antwerp Management School, CEGEKA, KPMG Belgium and Samsung Belgium on the role of the board in IT governance. You can read the results of our research at www.antwerpmanagementschool.be/boarditgovernance. This toolkit is based on ear-lier research steps where we reviewed state-of-the-art literature on this topic, studied how boards are reporting on IT in their yearly reports and investi-gated how corporate governance codes worldwide are addressing IT governance. The insights obtained helped in crafting the first draft of this toolkit, which was then further discussed in a workshop with 12 board members from major Belgian and Dutch organizations in banking, utilities, telecommuni-cations, media, technology and public sector. The conclusions of this panel discussion are published in a separate document on the research website. All these iterations resulted in this toolkit document.

WHY SHOULD BOARDS ADDRESS IT GOVERNANCE

Emerging research calls for more board level en-gagement in IT governance and identifies serious consequences for digitized organizations in case the board is not involved setting direction towards and being in control over the digital assets. In terms of the role of the board to provide direction for the organization, digital assets have become fundamen-tal for managing enterprise resources and business processes, dealing with suppliers and customers, and enabling increasingly global transactions. Disrup-tive technologies can impact complete business and income models, or even make sectors obsolete in short timeframes (eg. AirBnB, Uber). But also in terms of accountability towards control, there is a growing need to comply with an increasing amount of regulatory and legal requirements of which many also impact IT (eg. privacy) and the continuity of reliability of most primary and secondary business processes rely heavily on IT. Finally, there is rising need for boards to provide transparency on how digitals assets are governed in their organization. Voluntary disclosure theory predicts that digitized firms can improve their liquidity and firm valuation through better information provisioning on the way they govern IT.

Notwithstanding both the empirically and theore- tically demonstrated importance of board level IT governance, other studies point out that on average the involvement of boards in enterprise governance of IT is low and that boards should become more IT savvy to be able to govern the digitized organization. Or in other words, boards need to extend their gov-ernance accountability, from often a mono-focus on finance and legal as proxy to corporate governance, to include technology and provide digital leadership and organizational capabilities to ensure that the enterprise’s IT sustains and extends the enterprise’s strategies and objectives.

“Indeed, the board might look at IT as a ‘non-issue’.As a representation of the shareholders, the focus often is on more strategic issues, such as for example mergers & acquisitions or liabilities, and in that case IT is often set apart as something operational”

(quote of a board member participating in the panel discussion with 12 board members)

WHAT IS BOARD LEVEL IT GOVERNANCE

IT governance, otherwise referred to as “enterprise governance of IT” or “corporate governance of IT”, is a focus area of corporate governance that is concerned with an organization’s digital assets. Analogously to corporate governance, it is concerned with the oversight of digital assets and their contribution to business value and the mitigation of IT-related risks.

One of the most common references definitions in IT governance is stated by De Haes & Van Grembergen (2015) who explicitly indicate that it should operate at the same level as corporate governance. They define the concept as follows: “Enterprise govern-ance of IT is an integral part of corporate governance exercised by the board overseeing the definition and implementation of processes, structures and relational mechanisms in the organization that enable both business and IT people to execute their respon-sibilities in support of business/IT alignment and the creation of business value from IT-enabled business investments.”

“The board should not look at the technical details of IT. The real discussion should be about IT enabled business transformations and business risks. “

Many sources identify five areas or domains in the context of enterprise governance of IT that need to be addressed, more specifically: • Strategic alignment, with focus on aligning busi-

ness and IT strategies • Value delivery, concentrating on optimizing ex-

penses and proving the value of IT• Risk management, addressing the IT related busi-

ness risks • Resource management, optimising IT related

knowledge and sourcing• Performance management, monitoring IT enabled

investment and service delivery


HOW CAN BOARDS ADDRESS IT GOVERNANCE

Based on our research, we propose a three-step approach for boards to start engaging in IT governance.

Figure 1. Nolan and McFarlan GriD

It might be that the board will conclude that they have activities in different quadrants as proposed in figure 1, or a continuously switching between quad-rants. For example, it might be that some of the key business processes require mainly very reliable and cost-efficient support of IT (for example production processes in factory mode), while in parallel new products and services are developed that require innovative IT solutions (for example marketing processes in strategic mode). It is important for the board to understand and articulate such bi-modal or dynamic requirements in this step. Next (see step 2), it is up to the board to ensure that the organizational capabilities are designed in such a way that they can meet these requirements.

Step 1: Articulate an understanding of the role of IT

in the organization

As the required role of the board in IT governance might be different in diverse types of organizations, the first step the board should take is understand-ing and determining the significance of IT and its role with respect to the business. In this context, an instrumental toolkit is provided through the strate-gic impact grid of Nolan and Mc Farlan (2005), see figure 1. Depending on the role of IT for the organiza-tion, the board-level IT governance approach will be different (see step 2).

The strategic impact grids defines four “IT use modes” along two axes (contingencies). A low need for new information technology entails a defensive IT strategy, whereas a high need requires an offensive IT strategy. The latter implies that business process-es, income models, etc. will or need to be innovated through technology to gain new markets and cus-tomers, to improve quality of services, etc. The spec-trum is completed by the need for reliable informa-tion technology: within a defensive IT strategy, a high need for reliability results in a “factory” use mode, a low need results in a “support” use mode. Factory mode implies that many or most of the business processes will fail to work when technology fails, with immediate impact on business continuity, turnover, sales etc. Within an offensive strategy, a high need for reliability results in a “strategic” use mode, a low need results in a “turnaround” mode.

Factorymode

Strategicmode

Supportmode

Turnaround mode

Low (defensive) to high (offensive) need for new ITLo

w t

o h

igh

need

fo

r re

liab

le IT

Step 2: Establish the appropriate governance

structures

Depending on the role of IT in the organization, an appropriate governance structure needs to be established.

For organizations in the offensive mode, the board should consider to include the IT related topic as fixed agenda item within the board’s agenda or the agenda of the “strategy committee” supporting the board. Of course, this requires the chairman to take the necessary steps to make to board more “IT savvy” by appointing a member with IT governance expertise or evolving towards more multi-disciplined directors.

Alternatively, the board could consider to establish a separate IT Strategy and Oversight Committee at the same level as the board-level audit or strategy committee. The essential advantage of the advisory role of the IT Strategy and Oversight Committee is facilitating deliberations on technology in order to help make informed decisions. To set up an IT Strategy and Oversight Committee, the appropri-ate chairman and members need to be selected. Independent directors, with IT governance related expertise, could be considered to be the members of the committee. A charter has to be made of which a draft generic layout is provided below. Of course, the selection of the appropriate committee where IT will be discussed or prepared for the board, and the

related charter requirements, will be highly depending on the existing dynamics and operating principles of the board.

In case IT is of less strategic importance (defensive mode), the audit committee could at least take up the IT oversight role as part of its duties. Also the risk committee and audit committee are seen as valid structures by which board-level IT governance can be increased, certainly in view of the board’s limited time. However, the limited scope of these commit-tees might result in an adequate focus on the risk aspect but insufficient attention towards the value and performance aspects of IT.

Finally, it might be that the organizations band-with does not allow for installing separate committees within the board. In such case, it is up to the board’s chairman to bring in IT governance expertise within the board’s team or considering multi-skilled directors.

“The board’s engagement in IT discussions highly depends on the composition of the board. As such, as a chairman, I should ensure that we have a balanced team capable of also addressing the digital challenges, next to the many other topics on our agenda. This requires experts in the board, or multi-disciplined directors, who understand the governance challenges around IT and digital”.


IT Strategy and Oversight Committee Charter

Name

IT Strategy and Oversight Committee

Purpose

To assist the board in giving direction and being in control on enterprise’s IT-related matters.

Responsibility

The committee should ensure that IT is a regular item on the board’s agenda and that it is addressed in a struc-tured manner. In addition, the committee must ensure that the board has the information it needs to make informed decisions that are essential to achieve the ultimate objectives of IT governance. Those objectives are:• Strategic alignment, with focus on aligning business and IT strategies• Value delivery, concentrating on optimizing expenses and proving the value of IT• Risk management, addressing the IT related business risks • Resource management, optimising IT related knowledge and resources• Performance management, monitoring IT enabled investment and service delivery

Authority

The IT Strategy and Oversight Committee operates at the board level but does not assume the board’s governance accountability nor make final decisions. As an emination of the board, it assists the board on current and future IT-related issues.

The IT Strategy and Oversight Committee must work in partnership with the other board committees to provide input to, review and amend the aligned corporate and IT strategies. Possible partnerships are with:• The Audit Committee, on major IT risks• The Business Strategy Committee, on value delivery and alignment• The Compensation Committee, on performance measurement

Membership

The IT Strategy and Oversight Committee is composed of a chairman and several board members. The members should be selected on the basis of their knowledge and expertise in understanding the business impacts of information and related technology.

The success of the IT Strategy and Oversight Committee depends on an objective and business-oriented understanding of the organisation’s IT issues. An effective mix of members who understand the business operations and can challenge IT assumptions is likely to increase the IT Oversight success in achieving its goals. For this reason, the committee should invite ex-officio permanent representation of key executives and internal or external independent experts, while remaining mindful of confidentiality requirements.

Meetings

The IT Strategy and Oversight Committee should meet when needed and as often as needed to accomplish its duties. The committee should report its findings and recommendations to the board. In addition, the committee’s meeting agenda, minutes and supporting documents should be provided to the board so that board members not sitting on the committee may submit their comments to the committee chairman.

Figure 2: IT Strategy and Oversight Committee Charter (Based on: IT Governance Institute, 2003)

Figure 2: IT Strategy and Oversight Committee Charter (Based on: IT Governance Institute, 2003)

Step 3: Give direction and provide oversight by

asking critical questions

Once the IT governance accountability is established at board level, asking tough questions is an effective way to get started. Of course, those responsible for governance want good answers to these questions. Then they want action. Then they need follow-up. Here are some sample questions (figure 4), catego-rized according to the role of IT within the company. The more you move from the support mode towards strategic mode, the more questions you can leverage from the different quadrants.

In asking and answering these questions, a climate of openness and transparency should exist between the board and executive management on IT related topics, in both directions and in a language that all stakeholders can understand. This implies a pivotal role for the CIO, in providing support to the board on IT related topics and taking their advice towards further (digital) strategy.

• Do we have fast- response processes in place in the event of an attack?

• Are we protected against possbile intellectual-prop-erty-infringe-ment-lawsuits?

Low (defensive) to high (offensive) need for new IT

Low

to

hig

h ne

ed f

or

relia

ble

IT

Figure 4: Asking though questions linked to the IT strategic impact grid (Source:

(Nolan & Mc Farlan, 2005))

Figure 3: Recommendations for the audit committee

Audit Committee Recommendations

Membership of the audit committee

• Consider the appointment of an independent board member within the audit committee who has expertise on IT governance related elements

• Consider regular invitation of the CIO to under-stand IT related risks

Implication towards internal & external audit

• Ensure that the internal or external audit function has sufficient knowledge and expertise around IT governance and management aspect (to assess risk and value of IT)

Agenda

• Ensure IT related risks are yearly addressed on the audit committee agenda

• Are our stratgic IT development plan proceeding as required?

• Do we regularly benchmark to main-tain our competitive cost structure?

• Has the strategic importance of IT changed?

• What are our cur-rent and potential competitors doing in the area of IT?

• Do we have pro-cesses in place that will enable us to discover and exe-cute any strategic IT opportunity?

• Is our application portfolio sufficient to deal with com-petitive threat?

ConclusionIn our increasingly digitized economy, information technology (IT) has become fundamental to support, sustain and grow organizations. Successful organi-zations leverage the digital innovation potential but also understand and manage the risks and con-straints of technology. Previously governing board could delegate, ignore or avoid IT decisions, but the disruptive new technologies are increasingly being felt at board level. Emerging research calls for more board level engagement in enterprise governance of IT and identifies serious consequences for digitized organizations in case the board in not involved. Yet, it appears that enterprise technology governance competence remains the ‘elephant in the boardroom’ in most boardrooms.

This briefing provides guidance on the what, why and how boards can take up their accountability in governing the digital assets. By developing such tools, we hope to contribute to facilitating board members to gradually engage in decision-making and control of digitals assets.

In the context of this research program, we organized a workshop during which we discussed the why, what and how of board-level IT governance with a group of 12 board members. Below, you will find some quotes that were articulated during the workshop.

What is board level IT governance?

Why should non-executive boards address IT governance?

How can boards address IT governance?

BOARD LEVEL IT GOVERNANCE RESEARCH PROJECT

“I think boards should be more involved with ICT discussions, in the same manner as they traditional-ly do on finance and legal. Certainly when you have a company where ICT is core to the execution of your strategy, which is most organizations became a de-facto truth .

Board Member, Workshop Participant

“You have to make a good evaluation of what your strategy is and how crucial ICT is realizing your strategy. Also, I think it is important that you make an evaluation of the competences and the comple-mentarity of your board because you can only discuss ICT at board level when you have enough, what I would call, IT savviness at board level.”


“Board IT Governance is related to the fundamental mission of the board, which is strategy and over-sight. Given the nature of IT, I am of the opinion that the board should have an integrated approach on IT issues, because they will affect at the end of the day every element, every component of the business. It may evolve, it may be at different degrees in certain business components, but at the end of the day the entire organization will be affected.”


“Introduce the right people with the right background in the board. Because if you have a big legal issue, you also introduce your lawyers on that. But make sure you have people who focus on it from a business perspective also, that is very important.”


“Asking the right questions, first. Discuss what can happen in our strategy regarding technological de-velopments. And asking the right questions is actually not that difficult. What is going on in the world? Do we think about this? What type of scenarios do we see? What type of methodologies do we use?”


“Asking critical questions is a responsibility of every board member, regardless of whether he’s a law-yer or a finance specialist or manager or what have you. You have to have sector knowledge, you have to understand what the heartbeat of the organization is, and you have to do your homework related to technological developments, what is going on in the world.”


ACKNOWLEDGMENT

This research is part of a co-created research project installed by KPMG Belgium, CEGEKA Belgium, Samsung Belgium, together with the Antwerp Management School and the University of Antwerp. The leadership role of the industry partners in supporting this research is focused at better understanding the crucial accountability of the board in governing the digital assets and to provide solutions and tools for these board member to take up their accountability. We also want to express our gratitude towards the 12 board members that participated in our expert panel to review and give feedback on our conclusions and recommendations.

Read other briefings of this research by visiting our website www.antwerpmanagementschool.be/boarditgovernance: - Research Briefing 1: How governing boards report on IT Governance: towards more IT Go-

vernance Transparency- Research Briefing 2: How boards lead and govern digital assets: a summary of the state-of-the-

art research- Research Briefing 3: Corporate governance codes and digital leadership

ABOUT THE RESEARCHER TEAM

Steven De Haes (chair), PhD, is Full Professor Information Systems Management at the University of Antwerp – Faculty of Applied Economics and at the Antwerp Management School. He is actively engaged in teaching and applied research in the domains of Digital Stra-tegies, IT Governance & Management, IT Strategy & Alignment, IT Value & Performance Management, IT Assurance & Audit and Information Risk & Security. He acts as the acade-mic director for this research program.

Anant Joshi, PhD is a researcher at the University of Antwerp and Antwerp Management School (Belgium), and an assistant professor at Maastricht University (The Netherlands). Anant holds a PhD degree in Management Information Systems from Maastricht University, Netherlands. His research interests include Corporate Governance of IT, Business Value of IT, and Corporate Governance.

Tim Huygh is a PhD candidate in Information Technology Governance at the department of Management Information Systems of the Faculty of Applied Economics at the University of Antwerp. He has a bachelor’s and master’s degree in Business Engineering: Management Information Systems from the University of Antwerp and a master’s degree in Advanced Busi-ness Studies from the University of Leuven (KUL). His research interests include IT governan-ce and management, and Business/IT alignment.

Salvi Jansen is a business engineer in management information systems (MIS) and a con-sultant at KPMG Advisory in Belgium. Working in the field of IT governance and strategic alignment he aims to provide the business with fact-based insights and enjoys delivering audit and advisory engagements in a variety of sectors. His research interest focuses around IT governance, more specifically the processes, controls, and capabilities needed at the executive level to direct and control the IT management.

REFERENCES

Andriole, S. (2009). Boards of Directors and Technology Governance: The Surprising State of the Practice. Communications of the Association for Information Systems.

Bart, C., & Turel, O. (2010). IT and the Board of Directors: An Empirical Investigation into the “Governance Questions” Canadian Board Members Ask about IT.

Buckby, S., & Best, P. J. (2007, July 1). Development of a board IT governance (ITG) review model. Procee-dings of the 2007 AFAANZ Conference. Accounting & Finance Association of Australia and New Zealand.

Butler, R., & Butler, M. J. (2010). Beyond King III : assigning accountability for IT governance in South African enterprises. South African Journal of Business Management, 41(3), 33–45.

Cadbury, A. (1992). Report of the Committee on the Financial Aspects of Corporate Governance.

Canadian Institute of Chartered Accountants (CICA). (2004). 20 Questions Directors Should Ask About IT. Toronto, Canada.

Canadian Institute of Chartered Accountants (CICA). (2012). 20 Questions Directors Should Ask About IT, Second Edition. Toronto, Canada. Retrieved from https://www.cpacanada.ca/business-and-accounting-re-sources/other-general-business-topics/information-management-and-technology/publications/20-questi-ons-on-information-technology

Coertze, J., & von Solms, R. (2013). The Board and IT Governance: A Replicative Study. African Journal of Business Management, 7(35), 3358–3373.

Coertze, J., & von Solms, R. (2014). The Board and CIO: The IT Alignment Challenge. In 2014 47th Hawaii International Conference on System Sciences (pp. 4426–4435). IEEE. http://doi.org/10.1109/HICSS.2014.545

Coles, J. W., & Hesterly, W. S. (2000). Independence of the Chairman and Board Compositi-on: Firm Choices and Shareholder Value. Journal of Management, 26(2), 195–214. http://doi.org/10.1177/014920630002600202

Davenport, T. H. (1998). Putting the enterprise into the enterprise system. Harvard Business Review, 76(4), 121–131.

De Haes, S., & Van Grembergen, W. (2009). An Exploratory Study into IT Governance Implementations and its Impact on Business/IT Alignment. Information Systems Management, 26(2), 123–137. http://doi.org/10.1080/10580530902794786

De Haes, S., & Van Grembergen, W. (2015). Enterprise governance of information technology. Springer.

Eisenhardt, K. M. (1989). Agency Theory: An Assessment and Review. Academy of Management Review, 14(1), 57–74. http://doi.org/10.2307/258191

Firth, M. A., & Rui, O. M. (2012). Does One Size Fit All? A Study of the Simultaneous Relations Among Ownership, Corporate Governance Mechanisms, and the Financial Performance of Firms in China. In Corpo-rate Governance (pp. 29–57). Springer Berlin Heidelberg. http://doi.org/10.1007/978-3-642-31579-4_2

Goergen, M. (2012). International Corporate Governance. Prentice Hall.

Harford, J., Mansi, S. A., & Maxwell, W. F. (2008). Corporate governance and firm cash holdings in the US. Journal of Financial Economics, 87(3), 535–555. http://doi.org/10.1016/j.jfineco.2007.04.002

International Organization for Standardization (ISO). (2008). ISO/IEC Standard 38500: Corporate Gover-nance of Information Technology.

IT Governance Institute (ITGI). (2003). Board Briefing on IT Governance, 2nd Edition. Retrieved from http://www.isaca.org/knowledge-center/research/researchdeliverables/pages/board-briefing-on-it-governan-ce-2nd-edition.aspx

Jewer, J., & McKay, K. (2012). Antecedents and Consequences of Board IT Governance: Institutional and Strategic Choice Perspectives. Journal of the Association for Information Systems.

Kitchenham, B., & Charters, S. (2007). Guidelines for performing Systematic Literature Reviews in Software Engineering. Retrieved from https://www.cs.auckland.ac.nz/~norsaremah/2007 Guidelines for performing SLR in SE v2.3.pdf

Kritzinger-von Solms, E., & Strous, L. (2003). Information security: A corporate governance issue. In INTE-GRITY AND INTERNAL CONTROL IN INFORMATION SYSTEMS V (Vol. 124, pp. 115–133). KLUWER ACADE-MIC PUBLISHERS.

Kuruzovich, J., Bassellier, G., & Sambamurthy, V. (2012). IT Governance Processes and IT Alignment: View-points from the Board of Directors. In 2012 45th Hawaii International Conference on System Sciences (pp. 5043–5052). IEEE. http://doi.org/10.1109/HICSS.2012.394

Lin, T. C. W. (2011). The Corporate Governance of Iconic Executives.

Mähring, M. (2006). The Role of the Board of Directors in IT Governance: A Review and Agenda for Rese-arch. AMCIS 2006 Proceedings.

Mohamad, S., Hendrick, M., O’Leary, C., & Best, P. (2014). Developing a Model to Evaluate the Information Technology Competence of Boards of Directors. Corporate Ownership & Control, 12, 64–74.

Nolan, R., & McFarlan, F. (2005). Information technology and the board of directors. HARVARD BUSINESS REVIEW, 83(10), 96–+.

O’Donnell, E. (2004). Discussion of director responsibility for IT governance: a perspective on strate-gy. International Journal of Accounting Information Systems, 5(2), 101–104. http://doi.org/10.1016/j.acc-inf.2004.01.002

OECD. (2015). G20/OECD Principles of Corporate Governance. Retrieved from http://www.oecd-ilibrary.org/governance/g20-oecd-principles-of-corporate-governance-2015_9789264236882-en

Oliver, G. R., & Walker, R. G. (2006). Reporting on software development projects to senior managers and the board. Abacus, 42(1), 43–65. http://doi.org/10.1111/j.1467-6281.2006.00188.x

Parent, M., & Reich, B. H. (2009). Governing Information Technology Risk. CALIFORNIA MANAGEMENT REVIEW, 51(3), 134–+.

Petersen, K., Feldt, R., Mujtaba, S., & Mattsson, M. (2008). Systematic mapping studies in software enginee-ring, 68–77. Retrieved from http://dl.acm.org/citation.cfm?id=2227115.2227123

Peterson, R. (2004). Crafting Information Technology Governance. Information Systems Management, 21(4), 7–22. http://doi.org/10.1201/1078/44705.21.4.20040901/84183.2

Posthumus, S., & von Solms, R. (2008). Agency Theory: Can it be Used to Strengthen IT Governance? In

Proceedings of The Ifip Tc 11 23rd International Information Security Conference. Springer US.

Posthumus, S., & Von Solms, R. (2010). The board and IT governance : towards practical implementation guidelines. Journal of Contemporary Management, 7, 574–596.

Posthumus, S., Von Solms, R., & King, M. (2010). The board and IT governance : the what, who and how. South African Journal of Business Management, 41(3), 23–32.

Raghupathi, W. (2007). Corporate Governance of IT: A Framework For Development. Communications of the ACM, 50(8), 94–99. http://doi.org/10.1145/1278201.1278212

Read, T. J. (2004). Discussion of director responsibility for IT governance. International Journal of Accoun-ting Information Systems, 5(2), 105–107. http://doi.org/10.1016/j.accinf.2004.01.003

Shailer, G. (2004). An Introduction to Corporate Governance in Australia. Sydney: Pearson Education Aus-tralia.

Trautman, L. J., & Altenbaumer-Price, K. (2010). The Board’s Responsibility for Information Technology Governance.

Trites, G. (2004). Director responsibility for IT governance. International Journal of Accounting Information Systems, 5(2), 89–99. http://doi.org/10.1016/j.accinf.2004.01.001

Turel, O., & Bart, C. (2014). Board-level IT governance and organizational performance. European Journal of Information Systems, 23(2), 223–239. http://doi.org/10.1057/ejis.2012.61

Uhlaner, L., Wright, M., & Huse, M. (2007). Private Firms and Corporate Governance: An Integrated Econo-mic and Management Perspective. Small Business Economics, 29(3), 225–241. http://doi.org/10.1007/s11187-006-9032-z

Valentine, E., & Stewart, G. (2013a). Director competencies for effective enterprise technology governance. In 24th Australasian Conference on Information Systems (ACIS) (pp. 1–11). RMIT University.

Valentine, E., & Stewart, G. (2013b). The emerging role of the Board of Directors in enterprise business technology governance. International Journal of Disclosure and Governance, 10(4), 346–362. http://doi.org/10.1057/jdg.2013.11

Valentine, E., & Stewart, G. (2015). Enterprise Business Technology Governance: Three Competencies to Build Board Digital Leadership Capability. In 2015 48th Hawaii International Conference on System Sciences (pp. 4513–4522). IEEE. http://doi.org/10.1109/HICSS.2015.539

Weill, P., & Ross, J. W. (2004). IT Governance: How Top Performers Manage IT Decision Rights for Superior Results. Harvard Business Press.

Wieringa, R., Maiden, N., Mead, N., & Rolland, C. (2005). Requirements engineering paper classification and evaluation criteria: a proposal and a discussion. Requirements Engineering, 11(1), 102–107. http://doi.org/10.1007/s00766-005-0021-6

Yayla, A. A., & Hu, Q. (2014). The Effect of Board of Directors’ IT Awareness on CIO Compensation and Firm Performance. Decision Sciences, 45(3), 401–436. http://doi.org/10.1111/deci.12077

RESEARCH PROJECT WITH OUR KNOWLEDGE PARTNERS:

POWERED BY:

MORE INFORMATION

Contact the Academic Director of the Competence Center ITAG, Prof. Dr. Steven De Haes, [email protected]/itag

#boardITgovernance

MORE INFORMATION

Contact the Academic Directorof the Competence Center ITAG,Prof. Dr. Steven De Haes,[email protected]/itag

#boardITgovernace

Documents

Board Level IT Governance Research Project · IT governance, otherwise referred to as “enterprise governance of IT” or “corporate governance of IT”, is a focus area of corporate